An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

DCDC News Releases
NEWS | April 21, 2026

DCDC Alerts Military Community to Warning on Russian Router Hacking Campaign

By DCDC Public Affairs DoD Cyber Defense Command

FORT GEORGE G. MEADE, Md.  –   The Department of Defense Cyber Defense Command is alerting all Department of War personnel, their families, and defense agencies to an urgent FBI Public Service Announcement encouraging defensive actions to counter a widespread cyber campaign that exploits vulnerabilities in small-office home-office (SOHO) routers to steal sensitive information.

According to alert, co-sealed by multiple joint and international partners, cyber actors are compromising vulnerable SOHO routers worldwide to hijack internet traffic. Officials warn that the goal of this campaign is to intercept data to find and exploit information related to military, government, and critical infrastructure matters.

The advisory states that the hackers change a setting on SOHO routers to redirect a user's internet traffic through servers by cyber threat actors. This adversary-in-the-middle attack allows them to steal passwords, emails, and web browsing history, especially if a user clicks through a browser security warning. Given that many personnel and contractors work remotely, this threat poses a significant risk to both personal and operational security.

How to Protect Your Home Network
Everyone is strongly encouraged to take the following immediate steps:
  • Update Your Router: Check the manufacturer's website for the latest firmware for your specific router model and install it immediately. If the device is old and no longer receives security updates, it should be replaced.
  • Change Default Passwords: If you have not already done so, change the default administrator username and password on your router to a strong, unique password.
  • Disable Remote Access: Log into your router's settings and disable any "remote management" or "remote administration" feature that would allow it to be accessed from the internet.
  • Heed Security Warnings: Never click through or ignore a certificate warning in your web browser or email client. These warnings can indicate that your traffic is being intercepted.
  • Report Suspicious Activity
If you suspect your home router or devices have been compromised, you are encouraged to report the incident to your local FBI field office and file a complaint with the Internet Crime Complaint Center (IC3) at www.ic3.gov.